And while the vast majority of work is considered from a testing perspective, there is always an element where I have to consider operational procedural perspectives, and compliance with any standards that cover such things.
This article highlights the issue. Even with all the debate regarding patient safety and security, and even with what you might consider a professional and responsible organisation, Medicare has shot itself in the foot by not ensuring patient privacy.
Having had my notebook stolen by a Federal Government employee once, I might be predisposed to expecting all employees to posses questionable ethics, but actually my expectation is that those who work for government fully understand the significance of the role of a public servant. The responsibility is in the meta-title itself; the person is there to serve the public. This person is entrusted with the records of citizens to provide a variety of services, from health, education, aged care, welfare payments, etc.
A single act unfortunately tarnishes the group as a whole, plus it places doubt in people's mind regarding the intent of initiatives that the public servants try and implement. In this case, people will question the advertised benefits of introduction of the Health Identifier, if those proposing it, implementing it, controlling it or using it, are likely to misuse the information provided to them in confidence.
So while I continue to look at the conformance of new eHealth systems, I have to keep a beady eye on the compliance and associated risk with non-compliance, of operational procedures and guidelines; not because its fun but because the benefits of eHealth systems will never be realised when the scope is scaled back or additional guidelines are in place, to reduce the risk of a few individuals misusing the system.
No comments:
Post a Comment